While the crowdsourced security economy is growing across all industries, many still wonder if bug bounties and vulnerability disclosure programs put white hat hackers at legal risk rather than authorizing access and creating legal safe harbors. Who dictates the rules of the crowdsourced security economy? Who safeguards the legal interests of the individual hacker, the Crowd?

Join Amit Elazari, doctoral law candidate, CLTC Grantee, UC Berkeley School of Law, and Casey Ellis, founder and CTO of Bugcrowd, on Thursday, June 14 at 1 p.m. PST (4 p.m. EST) for a live video discussion on:

- Minimizing legal risks of hackers participating in crowdsourced security
- What can be done to foster safe harbor adoption in bug bounties
- The importance of standardizing legal terms, in light of the recent DOJ framework

Last year saw dramatic shifts in the cybersecurity landscape. The number of data breaches and cyber-attacks is skyrocketing. CISOs and security leaders are struggling to find and invest in the best approaches to combat cybercrime for their organizations.

Traditional application security testing methods just aren’t cutting it anymore, leaving so many organizations vulnerable. To get a better understanding on what is top of mind for cyber security leaders this year, we surveyed more than 250 CISOs, CIOs, CTOs and CIOs across different industries and regions.

Join our live CISO panel discussion which will outline this year’s top security goals and concerns:

There is no silver bullet against targeted and enduring attacks, and the reality is that if an external threat has enough resources at its disposal there is nothing that will make companies 100% protected.

Now more than ever, companies need to reexamine how they think about cybersecurity, empower their security teams, and prioritize security programs against competing internal initiatives.

Building and maintaining the appropriate mix of cybersecurity resources, processes, and company-wide emphasis can be a challenge for all companies regardless of their size or security maturity.

Register now to learn 3 core lessons learned from the Equifax data breach, and why many security leaders are adding Vulnerability Disclosure programs to patch vulnerabilities faster, give visibility and priority to known issues, and refine their SDLC.

About Bugcrowd:
The pioneer and innovator in crowdsourced security testing for the enterprise, Bugcrowd harnesses the power of more than 65,000 security researchers to surface critical software vulnerabilities and level the playing field in cybersecurity.

Security vendor products are held to a higher standard of security—and for good reason as the very existence of their organization could be at risk due to a vulnerability. Many of these vendors are turning to bug bounty programs to not only find any vulnerabilities in their products and services, but also to provide assurance to their clients.

Traditional methods for vulnerability discovery are failing us. With rapidly expanding attack surfaces, motivated adversaries, and the growing shortage of full-time infosec professionals, organizations are fighting a losing battle. One thing is clear: We need a new approach.

Enter the Bug Bounty model. Bug bounties have quickly evolved from a “nice to have” to a “must have” for most application security teams.

What’s behind this trend? Why are bug bounties growing, and why now?

Join our expert panel as we discuss the key findings from The 2017 State of Bug Bounty Report.

In the past several years, bug bounty programs have disrupted the pen test norm, and provide organizations with a robust and all-encompassing security assessment solution. Instructure, the company behind Canvas Learning Management System (LMS), made the switch three years ago and have never looked back.

In this webinar, we will explore...
• Why Instructure replaced their last three penetration tests and the results they’ve found
• The three fundamental differences between the penetration testing model and the bug bounty model
• How organizations running bug bounty programs have seen improved results in both volume and quality in vulnerability submissions

Security vendor products are held to a higher standard of security—and for good reason as the very existence of their organization could be at risk due to a vulnerability. Many of these vendors are turning to bug bounty programs to not only find any vulnerabilities in their products and services, but also to provide assurance to their clients.

Join our security panel for a live discussion on the following topics:
1. What unique appsec challenges come along with complex & high-risk environments
2. How to design security programs to provide robust coverage of those technologies
3. Why bug bounties were so quickly adopted within the security industry
4. Open Q&A with the panelists

Bug Bounty programs are critical to the security programs of thousands of organizations, but many still have not embraced them. Join security leader Johnathan Hunt, VP Information Security at InVision, Paul Ross, SVP of Marketing at Bugcrowd to discuss why that situation must change, through topics including:

Over the past twelve months we’ve witnessed a shift in how companies are tackling their application security challenges. Join a CISO, an AppSec guru, and IoT security expert to hear industry leading perspectives on the trends that have emerged over the past year, and what to look forward to in the next.

Our all-star panel of industry experts includes Jeremiah Grossman, Founder of WhiteHat Security and Chief of Security Strategy with SentinelOne, Daniel Miessler, Project Leader: OWASP IoT Security Project and Richard Rushing, CISO at Motorola Mobility, for a discussion on what trends every security professional needs to be aware of for 2017.

The critical trends you need to know about will include:
• How crowdsourcing security assessment will improve pen testing in 2017
• Why IOT security is becoming every CISO’s problem
• How will AI and Machine Learning impact protecting your company’s fate?

Despite thousands of large and small organizations running bug bounty programs, there is still a lot of fear and uncertainty about these in the cybersecurity community. In this webinar we will explore 7 myths about Bug Bounty programs, the hackers who are involved, and the impact they are having on the security posture of organizations around the world.

When you attend this webinar you will:

- Learn if a bug bounty program is right for your organization
- Understand if a bug bounty encourages hackers to attack your systems
- Explore the real benefits of bug bounty programs – and find out if they actually work
- Get insight on whether these programs are too hard and costly to manage

Bug bounty programs are moving from the realm of novelty towards becoming best practice. While bug bounty programs have been used for over 20 years, widespread adoption by enterprise organizations has just begun to take off within the last few. Bug bounty programs have increased 210% percent since 2013.

Bug bounties provide an opportunity to level the cybersecurity playing field, strengthen the security of products, and cultivate a mutually rewarding relationship with the security researcher community.

Join Bugcrowd, SANS, and a customer panel as we discuss the momentum behind crowdsourced security.

Topics covered:
1. How bug bounties fit with a robust security strategy
2. Why bug bounties are being adopted by all types of organizations
3. How Okta saved the equivalent cost of two full-time employees with Bugcrowd

This guest webcast features Jake Kouns of Risk Based Security and Christine Gadsby of Blackberry who will be giving their Black Hat 2016 talk, analyzing the real risk of using OSS and the best way to manage its use within your organization.

Through real world examples and personal experience, the speakers will...
- Examine the current hype around OSS, highlighting what organizations should be the most concerned about, and how to evaluate the true cost of using OSS
- Explore how to utilize learnings from your incident response function to create smarter products and avoid maintenance costs of OSS
- Introduce a customized OSS Maturity Model and walk through the stages of organizational maturity with regards to how they prioritize and internalize the risk presented by OSS

Learn more about Jake Kouns:
https://www.blackhat.com/us-16/speakers/Jake-Kouns.html

Learn more about Christine Gadsby:
https://www.blackhat.com/us-16/speakers/Christine-Gadsby.html

In our wired, connected world, software flaws are inevitable – so why not utilize the nature of our connected world to work with a distributed immune system made up of thousands of security researchers? This webcast will provide in-depth analysis based on extensive academic research, conversations with CISOs experienced in running such programs, and the security researcher community.

In this webinar, we will highlight the business, technology, and organizational values companies derive from these bug bounty programs. Finally, the talk will identify the common myths, fears and barriers for participation, and suggest recommendations to counter these barriers.